Legal

Acceptable Use Policy

Effective date: 2026-05-07 · Last updated: 2026-04-27

In this document

1. Prohibited content + uses 2. Prohibited technical activity 3. Account integrity 4. Communication-channel obligations 5. Acceptable AI behaviour 6. Reporting + enforcement 7. Modifications 8. Contact

This Acceptable Use Policy ("AUP") forms part of your agreement with

Layer Zero Studios ("Layer Zero", "we", "us") under the

not to engage in any of the activities listed below, and to ensure

no one acting on your account does either.

Lawyer review required before publication.

1. Prohibited content + uses

You may not use AXIS to create, send, transmit, store, or process:

Spam — bulk unsolicited commercial communications, including

outreach to recipients who have not opted in or whose opt-in cannot

be evidenced if challenged.

Phishing or fraud — communications designed to deceive recipients

about the sender's identity, the source of payment, or the legitimacy

of a transaction.

Illegal content — anything unlawful in your jurisdiction or in

ours, including content that infringes intellectual property,

defamatory content, hate speech, content that incites violence, or

content involving minors in any sexual or exploitative context.

Regulated services without authorisation — providing legal,

medical, tax, immigration, financial-advisory, or investment-advisory

services to third parties via AXIS unless you are duly licensed and

indemnify us under §12 of the ToS.

Sensitive personal data beyond ordinary business records —

credit-card primary account numbers (PAN, full PCI DSS scope),

unencrypted health records (HIPAA / POPIA-Special-Personal-Information),

government identification numbers in bulk, biometric data, or

classified information. AXIS is not certified for these data classes.

Deceptive AI use — generating content designed to deceive

recipients into believing AI-generated content was written by a

specific real human, including deepfakes, voice clones, or

impersonation of real individuals or organisations.

2. Prohibited technical activity

You may not, and may not permit anyone else to:

Reverse-engineer, decompile, disassemble, or attempt to derive the

source code of AXIS, our prompt templates, our model integrations,

or any other proprietary component;

Extract, scrape, or systematically download AXIS-generated content

for the purpose of training a competing AI model or building a

competing service;

Run penetration tests, vulnerability scanners, load tests, or

fuzzing without our prior written consent (we welcome responsible

disclosure — write to security@layerzerostudios.com first);

Bypass, attempt to bypass, or interfere with rate limits, quotas,

feature flags, MFA enforcement, audit logging, or any other safety

or billing control;

Use automated tooling other than AXIS's own API to interact with the

Service in ways that materially exceed normal human use;

Introduce viruses, worms, trojans, or other malicious code into AXIS

or any connected system;

Use AXIS to mine cryptocurrency, run consensus nodes, or otherwise

consume disproportionate compute relative to your subscription tier.

3. Account integrity

One account per legal entity. Multiple natural-person operators

may share an account if they all bind the same legal entity. Multiple

unrelated entities may not share one account.

Two-factor authentication is mandatory on every account; we may

suspend access if 2FA is disabled or rotated to a method we

reasonably consider weakened.

Credential sharing prohibited — login credentials and authenticator-

app secrets must not be shared outside the legal entity that owns

the account.

No farming. Repeatedly creating and abandoning trial accounts

to extend trial coverage is prohibited.

No resale or sublicensing without a written reseller agreement.

4. Communication-channel obligations

When AXIS sends email, SMS, calendar invites, or other messages on

your behalf:

You warrant that all recipients have a lawful basis to receive the

communication (consent, legitimate interest, contractual relation, etc.)

and that you can produce evidence of that basis on request.

You warrant that all sender identities AXIS uses are domains and

email addresses you own or have written authorisation to send from.

You will honour unsubscribe requests within 5 business days,

via the AXIS unsubscribe-token mechanism or equivalent.

You will comply with all applicable laws governing the channel,

including but not limited to: CAN-SPAM (US), CASL (Canada), GDPR

(EU), POPIA (South Africa), TCPA (US, where SMS), eIDAS (EU,

electronic signatures).

If we receive abuse complaints (spam reports, blacklist listings,

regulator notices) attributable to your account, we may **suspend

sending immediately** while we investigate, and may charge any

reasonable cleanup costs to your account.

5. Acceptable AI behaviour

When AXIS generates content for you to review, edit, send, or sign:

You must review every external-facing output before it leaves

your account. AXIS's approve-only default exists for this reason.

You must not use AXIS to systematically deceive counterparties

about the human-authored nature of content, including in contexts

where regulation (e.g. EU AI Act for high-risk classifications)

requires disclosure.

You must **not configure AXIS to take regulated decisions

autonomously** — credit decisions, insurance underwriting, hiring

rejections, medical triage, and similar must remain human-decided

even where AXIS provides analysis.

You acknowledge known AI failure modes (hallucinations, biased

outputs, factual errors) and accept responsibility for catching

them per ToS §7.

6. Reporting + enforcement

Report abuse to abuse@layerzerostudios.com. We aim to acknowledge

within 1 business day.

Report security issues to security@layerzerostudios.com. We

follow coordinated-disclosure principles and will not pursue

good-faith security researchers.

We may suspend or terminate any account at our discretion for

any breach of this AUP, the ToS, or applicable law. Severe breaches

(illegal content, mass abuse, technical attacks) may be terminated

immediately and without refund.

We may disclose user information to law enforcement, regulators,

or third parties to the extent required by law or to investigate

fraud, abuse, security incidents, or violations of this AUP.

7. Modifications

We may update this AUP from time to time. Material changes will be

notified at least 14 days before the effective date by email to the

account contact. Continued use after the effective date constitutes

acceptance.

8. Contact

Abuse: abuse@layerzerostudios.com
Security: security@layerzerostudios.com
Legal: legal@layerzerostudios.com
Support: hello@layerzerostudios.com